Is there a general way for the Application designer to manually control
process behavior, based on Security?  For example I would like to 'hide' 
optional children, if the user does not have the required security.  Can I 
determine the security key of the process in ILF?

You can read the 0AD PROCESS file to find out the security class that might 
be assigned to a process.

You can then set up a memory indexed file with a single field of Alpha(4).
Define it as the Record Access security field.  Then, from ILF set the field
to the security code you want to test, write it, and then try to read it back.  If you can't read it back, then you don't have access to that security code.

Details:

1) Create a memory file with one field designated as the RECORD PROTECT
   field, as follows:

2) Make sure that you set the Record Access field for the file as follows:
        
    Record Protection Fields            
        Delete Protection = blank
        Key Protection = blank
        Record Access = SECURITY_CODE

3) The following ILF code will create and populate the memory file and test
   for a specific code.  The READ returns a true if the user has access to the
   specified code.  The READ returns a false is the user does not have access
   to the specified code.

      SCRATCH  SPF SECURITY            FAIL 0 CACHE? N
      CREATE   SPF SECURITY  SHARE? Y  FAIL 0 CACHE NONE
      *        The write will always succeed
      SET      SPF SECURITY CODE              =      0001
      WRITE    SPF SECURITY               FAIL 0
      *        The read will fail if the user does not have access to code 0001
      SET      SPF SECURITY CODE              =      0001
      READ     SPF SECURITY               HOLD 0 FT 0 BY SECURITY CODE
F     ERROR    User Doesn't Have Access To Code 0001